59189 - Make sure that SanitizeKey() is accessed only by the attribute token.

r=jar
sr=scc
This commit is contained in:
harishd%netscape.com 2000-11-06 06:03:34 +00:00
Родитель 5be21b9b5c
Коммит ce112cef66
2 изменённых файлов: 16 добавлений и 0 удалений

Просмотреть файл

@ -2268,6 +2268,14 @@ nsresult CNavDTD::CollectAttributes(nsCParserNode& aNode,eHTMLTags aTag,PRInt32
theToken=(CToken*)mSkippedContent.PopFront();
else theToken=mTokenizer->PopToken();
if(theToken) {
eHTMLTokenTypes theType=eHTMLTokenTypes(theToken->GetTokenType());
if(theType!=eToken_attribute) {
// If you're here then it means that the token does not
// belong to this node. Put the token back into the tokenizer
// and let it go thro' the regular path. Bug: 59189.
mTokenizer->PushTokenFront(theToken);
break;
}
// Sanitize the key for it might contain some non-alpha-non-digit characters
// at its end. Ex. <OPTION SELECTED/> - This will be tokenized as "<" "OPTION",
// "SELECTED/", and ">". In this case the "SELECTED/" key will be sanitized to

Просмотреть файл

@ -2268,6 +2268,14 @@ nsresult CNavDTD::CollectAttributes(nsCParserNode& aNode,eHTMLTags aTag,PRInt32
theToken=(CToken*)mSkippedContent.PopFront();
else theToken=mTokenizer->PopToken();
if(theToken) {
eHTMLTokenTypes theType=eHTMLTokenTypes(theToken->GetTokenType());
if(theType!=eToken_attribute) {
// If you're here then it means that the token does not
// belong to this node. Put the token back into the tokenizer
// and let it go thro' the regular path. Bug: 59189.
mTokenizer->PushTokenFront(theToken);
break;
}
// Sanitize the key for it might contain some non-alpha-non-digit characters
// at its end. Ex. <OPTION SELECTED/> - This will be tokenized as "<" "OPTION",
// "SELECTED/", and ">". In this case the "SELECTED/" key will be sanitized to